Chapter 21 – Malicious Code and Application Attacks

Question 1

1. What is the most commonly used technique to protect against virus attacks?
   Signature detection

Answer 1

Signature detection

Question 2

2. You are the security administrator for an e-commerce company and are placing a new web server into production. What network zone should you use?
   DMZ

Answer 2

DMZ

Question 3

3. Which one of the following types of attacks relies on the difference between the timing of two events?
   TOCTOU

Answer 3

TOCTOU

Question 4

4. Which of the following techniques is most closely associated with APT attacks?
   Zero-day exploit

Answer 4

Zero-day exploit

Question 5

5. What advanced virus technique modifies the malicious code of a virus on each system it infects?
   Polymorphism

Answer 5

Polymorphism

Question 6

6. Which one of the following tools provides a solution to the problem of users forgetting complex passwords?
   LastPass

Answer 6

LastPass

Question 7

7. What type of application vulnerability most directly allows an attacker to modify the contents of a system’s memory?
   Buffer overflow

Answer 7

Buffer overflow

Question 8

8. Which one of the following passwords is least likely to be compromised during a dictionary attack?
   Fsas3alG

Answer 8

Fsas3alG

Question 9

9. What technique may be used to limit the effectiveness of rainbow table attacks?
   Salting

Answer 9

Salting

Question 10

10. What character should always be treated carefully when encountered as user input on a web form?
    ‘

Answer 10

‘